bug#47257: [PATCH 1/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#47257: [PATCH 1/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27

From:	Mark H Weaver
Subject:	bug#47257: [PATCH 1/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928].
Date:	Fri, 19 Mar 2021 20:28:04 -0400

Hi Léo,

Léo Le Bouter via Bug reports for GNU Guix <bug-guix@gnu.org> writes:

> * gnu/packages/databases.scm (mariadb/fixed): New variable.
> (mariadb)[replacement]: Graft.
> ---
>  gnu/packages/databases.scm | 33 +++++++++++++++++++++++++++++++++
>  1 file changed, 33 insertions(+)
>
> diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm
> index 8be83f5cbe..6fdb22d7fb 100644
> --- a/gnu/packages/databases.scm
> +++ b/gnu/packages/databases.scm
> @@ -734,6 +734,7 @@ Language.")
>                              (append (find-files "extra/wolfssl")
>                                      (find-files "zlib")))
>                    #t))))
> +    (replacement mariadb/fixed)
>      (build-system cmake-build-system)
>      (outputs '("out" "lib" "dev"))
>      (arguments
> @@ -969,6 +970,38 @@ Language.")
>  as a drop-in replacement of MySQL.")
>      (license license:gpl2)))
>  
> +(define mariadb/fixed
> +  (package/inherit mariadb

Please don't use 'package/inherit' when the package you're defining is a
replacement to the package you're inheriting from.  It creates a package
object with an infinite chain of grafts.  I guess that the infinite
chain gets truncated somewhere in the grafting machinery, but I seem to
recall that this kind of thing has caused real problems in the past.

'package/inherit' is usually the right thing when defining other kinds
of package variants, however.

Thanks again for all of your recent work on improving our security.  It
is a great help.

      Regards,
        Mark

[Prev in Thread]

Current Thread

[Next in Thread]

bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE), Léo Le Bouter, 2021/03/19
- bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE), Julien Lepiller, 2021/03/19
- bug#47257: [PATCH 0/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928]., Léo Le Bouter, 2021/03/19
  - bug#47257: [PATCH 1/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928]., Léo Le Bouter, 2021/03/19
    - bug#47257: [PATCH 1/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928]., Mark H Weaver <=
    - bug#47257: [PATCH 1/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928]., Mark H Weaver, 2021/03/19
- bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE), zimoun, 2021/03/19
  - bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE), Léo Le Bouter, 2021/03/25
    - bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE), zimoun, 2021/03/29
    - bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE), Léo Le Bouter, 2021/03/29
    - bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE), zimoun, 2021/03/30
- bug#47257: [PATCH v2] gnu: mariadb: Fix CVE-2021-27928., Léo Le Bouter, 2021/03/25
  - bug#47257: [PATCH v2] gnu: mariadb: Fix CVE-2021-27928., Julien Lepiller, 2021/03/25
- bug#47257: [PATCH v3] gnu: mariadb: Fix CVE-2021-27928., Léo Le Bouter, 2021/03/25
  - bug#47257: [PATCH v3] gnu: mariadb: Fix CVE-2021-27928., Léo Le Bouter, 2021/03/25

Prev by Date: bug#47271: guix graph --path results in backtrace
Next by Date: bug#47257: [PATCH 1/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928].
Previous by thread: bug#47257: [PATCH 1/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928].
Next by thread: bug#47257: [PATCH 1/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928].
Index(es):
- Date
- Thread